2 matches found
CVE-2014-4849
Multiple cross-site scripting XSS vulnerabilities in msg.php in FoeCMS allow remote attackers to inject arbitrary web script or HTML via the 1 e or 2 r parameter...
CVE-2014-4849
CVE-2014-4849 describes multiple cross-site scripting (XSS) weaknesses in the FoeCMS component, specifically in the file/msg handler msg.php , exploitable via the input parameters (1) e and (2) r. The issue allows remote attackers to inject arbitrary web script or HTML. The NVD metrics list a bas...